Not sure if I should just ask in here or make a new thread, but I'll ask anyway. Let me know otherwise.

I downloaded a program. Being generally paranoid, I did an on-demand scan (like usual) on the executable/self-extracting archive and got a slightly inconclusive hit (seems like potentially a false positive, from what little information I found). I never manually ran the executable. Uploaded it to VirusTotal and 15/55 came back with a result but again, the results seemed fairly generic and inconclusive.

I deleted the program and have run several full scans on my system with MSE, TDSSKiller, Rkill, Comodo Cleaner Essentials/KillSwitch/Autorun Analyzer, Malwarebytes, and SuperAntiSpyware. Running KillSwitch, there are a few drivers in the "Services" with nonsense names that I can't find any real information on (qrhwas, tcoifh, uotote), but I have no idea if they're related to the various scanners or what. Other than that, there are various "unknowns" from my Bluetooth and Creative audio drivers, and some mshtml.dll entries from Autorun Analyzer (about, javascript, mailto, res, vbscript), but they're signed Microsoft and don't throw any flags in the other scanners. Nothing else unknown or suspicious shows up in any of the other scanners. There aren't currently any new problems that I've noticed with the system.

Is there anything else I should do to try to make sure nothing's wrong? Should I still be at all worried about this, or should I just assume it was a false positive and the system's fine? I tend to be overly paranoid and just wipe everything whenever a suspicious file pops up, which I think is probably overdoing it and overly time-consuming.
Oct 29, 2015 10:36
Rufus Ping posted: Then you're no worse off than you were before unless it exploited your AV engine or e.g. the PE parser bit of Windows (realistically it probably didn't)

cheese-cube posted: What did the AV engines on VirusTotal report it as? Usually you can find an accompanying KB article from the relevant vendor which lists signs of infection that you can check for. Of course that's assuming that it's fairly benign.

Volmarias posted: I would be worried about this regardless. Do AV, etc. scanners generally use random names now? I ended up blowing away my OS again anyway soon after I posted. I'm guessing I overreacted to the whole thing and was just in too lovely of a state of mind to keep myself calm. I've been sick for two weeks now and it's getting to me. I'm gathering up some bootable disks to try scanning outside of any kind of Windows install to see if anything comes up, but I think I just overreacted like usual.
Oct 29, 2015 21:56